CVE-2007-4568

Related Files

Mandriva Linux Security Advisory 2007.210

Posted Nov 7, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

tags | advisory, overflow, arbitrary, protocol

systems | linux, mandriva

advisories | CVE-2007-4568, CVE-2007-4990

SHA-256 | 3590d95e704a2b4bb5d685df07d508326a9d5921828ec1b7d94910404cf25c19

Download | Favorite | View

Gentoo Linux Security Advisory 200710-11

Posted Oct 13, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-11 - iDefense reported that the xfs init script does not correctly handle a race condition when setting permissions of a temporary file. Sean Larsson discovered an integer overflow vulnerability in the build_range() function possibly leading to a heap-based buffer overflow when handling QueryXBitmaps and QueryXExtents protocol requests. Sean Larsson also discovered an error in the swap_char2b() function possibly leading to a heap corruption when handling the same protocol requests. Versions less than 1.0.5 are affected.

tags | advisory, overflow, protocol

systems | linux, gentoo

advisories | CVE-2007-3103, CVE-2007-4568, CVE-2007-4990

SHA-256 | 511f463b3188bb6e41c1e0acef1a8578132acf147999f05fdb2f1f68b185056e

Download | Favorite | View

Debian Linux Security Advisory 1385-1

Posted Oct 11, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1385-1 Sean Larsson discovered that two code paths inside the X Font Server handle integer values insecurely, which may lead to the execution of arbitrary code.

tags | advisory, arbitrary

systems | linux, debian

advisories | CVE-2007-4568

SHA-256 | 7d2351d6bbaaa26298488b154c33c30a4f4f804aa58415cb559dec4380f72994

Download | Favorite | View

iDEFENSE Security Advisory 2007-10-02.1

Posted Oct 3, 2007

Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 10.02.07 - Remote exploitation of a multiple vulnerabilities in X.Org Foundation's X Font Server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities in XFS version X11R7.2-1.0.4. Previous versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability

advisories | CVE-2007-4568

SHA-256 | efa2e92184226bbbf67acb9bc96f53bb0476cd59fd1e3b59af0eef6729674b00

Download | Favorite | View